<?xml version="1.0" encoding="UTF-8"?>
<!--
Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
https://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<project basedir="." default="all" name="Fortress Sample Data">
<!-- Registers the Fortress Ant task under the element name "FortressAdmin".
     The implementing class is resolved from the classpath of the JVM running Ant,
     so the jars on that classpath decide which code processes the data below. -->
<taskdef name="FortressAdmin"
         classname="org.apache.directory.fortress.core.ant.FortressAntTask">
  <classpath path="${java.class.path}"/>
</taskdef>
<target name="all">
<FortressAdmin>
<!--
<addcontext>
<context name="${tenant}"/>
</addcontext>
-->
<!-- Container entries for the sample data. Entries without a "parent" attribute
     (People, Policies, RBAC, ARBAC) are top-level; the others are created beneath
     the container named in "parent". -->
<addcontainer>
  <container name="People" description="Fortress People"/>
  <container name="Policies" description="Fortress Policies"/>

  <!-- RBAC subtree: roles, permissions and separation-of-duty constraints. -->
  <container name="RBAC" description="Fortress RBAC Policies"/>
  <container name="Roles" parent="RBAC" description="Fortress Roles"/>
  <container name="Permissions" parent="RBAC" description="Fortress Permissions"/>
  <container name="Constraints" parent="RBAC" description="Fortress Separation of Duty Constraints"/>

  <!-- ARBAC subtree: user/perm organizational units and administrative roles/permissions. -->
  <container name="ARBAC" description="Fortress Administrative RBAC Policies"/>
  <container name="OS-U" parent="ARBAC" description="Fortress User Organizational Units"/>
  <container name="OS-P" parent="ARBAC" description="Fortress Perm Organizational Units"/>
  <container name="AdminRoles" parent="ARBAC" description="Fortress AdminRoles"/>
  <container name="AdminPerms" parent="ARBAC" description="Fortress Admin Permissions"/>
</addcontainer>
<!-- Begin RBAC Admin Data: -->
<!-- Demo and test accounts. Every password in this element is a fixed value that
     anyone who can read this file knows ("password" for the demo users, plus the
     two service-account passwords further down). A directory seeded from this file
     therefore has known credentials: load it only into a disposable test directory,
     or change these passwords immediately after loading.
     All accounts sit in user OU "demousrs1"; all but tcmanager reference password
     policy "Test1". -->
<adduser>
  <!-- demoUser1: beginTime 0000 / endTime 0800 closes this user's login window at
       8am, so authentication fails for logins after that time. It is also the only
       account that carries address and contact attributes. -->
  <user userId="demoUser1" password="password" description="Demo Test User 1"
        ou="demousrs1" cn="JoeUser1" sn="User1" pwPolicy="Test1"
        beginTime="0000" endTime="0800"
        beginDate="20090101" endDate="20990101"
        beginLockDate="" endLockDate=""
        dayMask="1234567" timeout="60"
        city="Lawrence" state="KS" country="US"
        addresses="1450 Jayhawk Blvd.,50 Strong Hall"
        postalCode="66045" postOfficeBox="321"
        building="50" departmentNumber="77" roomNumber="1"
        email="joe.user@ku.edu,joe.user@jts.us"
        phone="785 864-4700,785-864-4000"
        mobile="785 864-4701,785 864-2201"
        photo="p1.jpeg"/>

  <user userId="demoUser2" password="password" description="Demo Test User 2" ou="demousrs1" cn="JoeUser2" sn="User2" pwPolicy="Test1" beginTime="0000" endTime="0000" beginDate="20090101" endDate="20990101" beginLockDate="" endLockDate="" dayMask="1234567" timeout="60" photo="p2.jpeg"/>

  <!-- demoUser3: negative test for the user day mask. dayMask="17" allows only two
       days of the week (presumably Sunday and Saturday, if 1 = Sunday; confirm
       against the Fortress documentation). -->
  <user userId="demoUser3" password="password" description="Demo Test User 3" ou="demousrs1" cn="JoeUser3" sn="User3" pwPolicy="Test1" beginTime="0000" endTime="0000" beginDate="20090101" endDate="20990101" beginLockDate="" endLockDate="" dayMask="17" timeout="60" photo="p3.jpeg"/>

  <!-- demoUser4: ordinary user entry, but this file also assigns it
       fortress-rest-user, fortress-rest-super-user and the DemoAdminUsers admin
       role, which makes it the most privileged demo account behind the shared
       "password" credential. -->
  <user userId="demoUser4" password="password" description="Demo Test User 4" ou="demousrs1" cn="JoeUser4" sn="User4" pwPolicy="Test1" beginTime="0000" endTime="0000" beginDate="20090101" endDate="20990101" beginLockDate="" endLockDate="" dayMask="1234567" timeout="60" photo="p4.jpeg"/>

  <!-- demoUser5: the "bad role end time" case. The user entry itself is unrestricted;
       the time window under test is on its role1 assignment in adduserrole. -->
  <user userId="demoUser5" password="password" description="Demo Test User 5" ou="demousrs1" cn="JoeUser5" sn="User5" pwPolicy="Test1" beginTime="0000" endTime="0000" beginDate="20090101" endDate="20990101" beginLockDate="" endLockDate="" dayMask="1234567" timeout="60" photo="p5.jpeg"/>
  <user userId="demoUser6" password="password" description="Demo Test User 6" ou="demousrs1" cn="JoeUser6" sn="User6" pwPolicy="Test1" beginTime="0000" endTime="0000" beginDate="20090101" endDate="20990101" beginLockDate="" endLockDate="" dayMask="1234567" timeout="60" photo="p6.jpeg"/>

  <!-- demoUser7: the "bad role begin date" case; the date constraint is on its
       role1 assignment in adduserrole. -->
  <user userId="demoUser7" password="password" description="Demo Test User 7" ou="demousrs1" cn="JoeUser7" sn="User7" pwPolicy="Test1" beginTime="0000" endTime="0000" beginDate="20090101" endDate="20990101" beginLockDate="" endLockDate="" dayMask="1234567" timeout="60" photo="p7.jpeg"/>
  <user userId="demoUser8" password="password" description="Demo Test User 8" ou="demousrs1" cn="JoeUser8" sn="User8" pwPolicy="Test1" beginTime="0000" endTime="0000" beginDate="20090101" endDate="20990101" beginLockDate="" endLockDate="" dayMask="1234567" timeout="60" photo="p8.jpeg"/>

  <!-- demoUser9: the "bad role end date" case; the date constraint is on its
       role1 assignment in adduserrole. -->
  <user userId="demoUser9" password="password" description="Demo Test User 9" ou="demousrs1" cn="JoeUser9" sn="User9" pwPolicy="Test1" beginTime="0000" endTime="0000" beginDate="20090101" endDate="20990101" beginLockDate="" endLockDate="" dayMask="1234567" timeout="60" photo="p9.jpeg"/>
  <user userId="demoUser10" password="password" description="Demo Test User 10" ou="demousrs1" cn="JoeUser10" sn="User10" pwPolicy="Test1" beginTime="0000" endTime="0000" beginDate="20090101" endDate="20990101" beginLockDate="" endLockDate="" dayMask="1234567" timeout="60" photo="p10.jpeg"/>

  <!-- Service accounts for container consoles, both flagged system="true" with
       timeout="0". tcmanager is the only account without a pwPolicy attribute, so
       the lockout and expiry rules of "Test1" are not referenced for it.
       NOTE(review): confirm whether a directory-wide default policy covers it. -->
  <user userId="tcmanager" password="m@nager123" system="true" description="Tomcat Manager User" ou="demousrs1" cn="tcmanager" sn="manager" beginTime="0000" endTime="0000" beginDate="20090101" endDate="20990101" beginLockDate="" endLockDate="" dayMask="1234567" timeout="0" photo="p11.jpeg"/>
  <user userId="wasadmin" password="@dmin123" system="true" description="Websphere Console Admin" ou="demousrs1" cn="wasadmin" sn="admin" pwPolicy="Test1" beginTime="0000" endTime="0000" beginDate="20090101" endDate="20990101" beginLockDate="" endLockDate="" dayMask="1234567" timeout="0" photo="p12.jpeg"/>

  <!-- demoAdminUser1: created here, but no role or admin-role assignment in this
       file refers to it. -->
  <user userId="demoAdminUser1" password="password" description="Demo Test Admin User 1"
        ou="demousrs1" cn="adminUser1" sn="adminUser1" pwPolicy="Test1"
        beginTime="0000" endTime="0000"
        beginDate="20090101" endDate="20990101"
        beginLockDate="" endLockDate=""
        dayMask="1234567" timeout="60"
        photo="p13.jpeg"/>
</adduser>
<!-- User-to-role assignments. Each assignment can carry its own temporal constraints
     (time of day, date range, lock dates, day mask, timeout); most are left empty or
     zero here, and three are deliberately restrictive for negative tests.
     NOTE(review): this element appears before addrole, which defines the roles it
     names; presumably the task applies element types in its own order rather than
     document order. Confirm before reordering or splitting this file. -->
<adduserrole>
  <userrole userId="demoUser1" name="role1"
            beginTime="0000" endTime="0000"
            beginDate="" endDate=""
            beginLockDate="" endLockDate=""
            dayMask="" timeout="0"/>
  <userrole userId="demoUser2" name="role1" beginTime="0000" endTime="0000" beginDate="" endDate="" beginLockDate="" endLockDate="" dayMask="" timeout="0"/>
  <userrole userId="demoUser3" name="role1" beginTime="0000" endTime="0000" beginDate="" endDate="" beginLockDate="" endLockDate="" dayMask="" timeout="0"/>

  <!-- demoUser4 holds the application role plus both Fortress REST roles, including
       fortress-rest-super-user. Its password in adduser is the same fixed "password"
       as the other demo users, so treat this account as privileged when deciding
       where this data may be loaded. -->
  <userrole userId="demoUser4" name="role1" beginTime="0000" endTime="0000" beginDate="" endDate="" beginLockDate="" endLockDate="" dayMask="" timeout="0"/>
  <userrole userId="demoUser4" name="fortress-rest-user" beginTime="0000" endTime="0000" beginDate="" endDate="" beginLockDate="" endLockDate="" dayMask="" timeout="0"/>
  <userrole userId="demoUser4" name="fortress-rest-super-user" beginTime="0000" endTime="0000" beginDate="" endDate="" beginLockDate="" endLockDate="" dayMask="" timeout="0"/>

  <!-- Negative test, role end time: role1 is usable by demoUser5 only between
       0700 and 0800. -->
  <userrole userId="demoUser5" name="role1" beginTime="0700" endTime="0800" beginDate="20100101" endDate="21000101" beginLockDate="" endLockDate="" dayMask="" timeout="0"/>
  <userrole userId="demoUser6" name="role1" beginTime="0000" endTime="0000" beginDate="" endDate="" beginLockDate="" endLockDate="" dayMask="" timeout="0"/>

  <!-- Negative test, role begin date: the assignment starts on 20110110.
       NOTE(review): this is a fixed calendar date, so the constraint only rejects
       activation on dates before it. -->
  <userrole userId="demoUser7" name="role1" beginTime="0000" endTime="0000" beginDate="20110110" endDate="21000101" beginLockDate="" endLockDate="" dayMask="" timeout="0"/>
  <userrole userId="demoUser8" name="role1" beginTime="0000" endTime="0000" beginDate="" endDate="" beginLockDate="" endLockDate="" dayMask="" timeout="0"/>

  <!-- Negative test, role end date: the assignment window is 20100101 to 20100608. -->
  <userrole userId="demoUser9" name="role1" beginTime="0000" endTime="0000" beginDate="20100101" endDate="20100608" beginLockDate="" endLockDate="" dayMask="" timeout="0"/>
  <userrole userId="demoUser10" name="role1" beginTime="0000" endTime="0000" beginDate="" endDate="" beginLockDate="" endLockDate="" dayMask="" timeout="0"/>

  <!-- tcmanager receives all three Tomcat manager roles defined in addrole. -->
  <userrole userId="tcmanager" name="manager-gui" beginTime="0000" endTime="0000" beginDate="" endDate="" beginLockDate="" endLockDate="" dayMask="" timeout="0"/>
  <userrole userId="tcmanager" name="manager-script" beginTime="0000" endTime="0000" beginDate="" endDate="" beginLockDate="" endLockDate="" dayMask="" timeout="0"/>
  <userrole userId="tcmanager" name="manager" beginTime="0000" endTime="0000" beginDate="" endDate="" beginLockDate="" endLockDate="" dayMask="" timeout="0"/>
</adduserrole>
<!-- Role definitions referenced by adduserrole, addsdset and addpermgrant. -->
<addrole>
  <!-- Application roles for the calendar demo. role2 is defined and placed in the
       DemoSSD1 set, but no user in this file is assigned to it. -->
  <role name="role1" description="Tomcat Role 1 for Calendar App"/>
  <role name="role2" description="Tomcat Role 2 for Calendar App"/>

  <!-- Tomcat manager roles, all assigned to tcmanager. -->
  <role name="manager-gui" description="Tomcat 7 Manager Role for Manager UI"/>
  <role name="manager-script" description="Tomcat 7 Manager Role for Management Scripts"/>
  <role name="manager" description="Tomcat Manager Role"/>

  <!-- Roles for the Fortress REST services, both assigned to demoUser4. -->
  <role name="fortress-rest-super-user" description="Role to gain access to the Fortress Rest services"/>
  <role name="fortress-rest-user" description="Role to gain access to the Fortress Rest server"/>
</addrole>
<!-- Administrative (ARBAC) role for the demo. Its delegation scope is set by:
       osps  = permission OUs it covers (demoapps1, demoapps2)
       osus  = user OUs it covers (demousrs1, demousrs2)
       beginrange / endrange = the role range it covers, here role1 to role1,
                               with both ends inclusive. -->
<addadminrole>
  <role name="DemoAdminUsers" description="Test Admin Role for Demo"
        osps="demoapps1,demoapps2"
        osus="demousrs1,demousrs2"
        beginrange="role1" endrange="role1"
        begininclusive="true" endinclusive="true"/>
</addadminrole>
<!-- Assigns the DemoAdminUsers admin role with no temporal constraints.
     NOTE(review): the userId is spelled "demouser4" here, while adduser and
     adduserrole spell it "demoUser4". Presumably the directory matches the id
     case-insensitively and both refer to the same account; confirm, because that
     account also holds fortress-rest-super-user. -->
<adduseradminrole>
  <userrole userId="demouser4" name="DemoAdminUsers"
            beginTime="0000" endTime="0000"
            beginDate="" endDate=""
            beginLockDate="" endLockDate=""
            dayMask="" timeout="0"/>
</adduseradminrole>
<!-- Static separation-of-duty set over role1 and role2 with cardinality 2.
     Presumably this means a user may not be assigned both roles at once
     (cardinality being the number of member roles that triggers the violation);
     confirm against the Fortress documentation. -->
<addsdset>
  <sdset name="DemoSSD1" description="Demo static separation of duties"
         settype="STATIC"
         cardinality="2"
         setmembers="role1,role2"/>
</addsdset>
<!-- Password policy "Test1", referenced by every account in adduser except tcmanager.
     The attribute names mirror the LDAP password-policy attributes; if the durations
     are in seconds, as in that model, maxAge 7776000 is 90 days and expireWarning
     2592000 is 30 days (confirm the unit).
     Values worth a second look before reusing this policy outside a demo:
       minLength="4"       a four-character minimum is weak for real accounts.
       lockoutDuration="0" and failureCountInterval="0" next to maxFailure="3":
                           presumably a locked account stays locked until an
                           administrator resets it and failures never age out;
                           confirm the meaning of 0 for the target directory. -->
<addpwpolicy>
  <!-- safeModify must be false if and only if the user can change the password
       after a reset. -->
  <policy name="Test1"
          minAge="0" maxAge="7776000"
          inHistory="5"
          checkQuality="2" minLength="4"
          expireWarning="2592000" graceLoginLimit="3"
          lockout="true" lockoutDuration="0"
          maxFailure="3" failureCountInterval="0"
          mustChange="true" allowUserChange="true"
          safeModify="false" />
</addpwpolicy>
<!-- Permission objects: the two JSP pages of the calendar demo, both in
     permission OU "demoapps1". -->
<addpermobj>
  <permobj objName="/cal/cal1.jsp" description="Fortress Web Demo App Object 1"
           ou="demoapps1" type="Ant"/>
  <permobj objName="/cal/cal2.jsp" description="Fortress Web Demo App Object 2"
           ou="demoapps1" type="Ant"/>
  <!-- Disabled: administrative permission object for the audit manager. -->
<!--
<permobj admin="true"
objName="org.apache.directory.fortress.audit.AuditMgrImpl"
description="AuditMgr Object"
ou="demoapps1" type="Ant"/>
-->
</addpermobj>
<!-- Operations on the permission objects: one "main" operation on cal1.jsp and
     one operation per hour slot, 8am to 6pm, on cal2.jsp. Defining an operation
     grants nothing by itself; grants are listed in addpermgrant. -->
<addpermop>
  <permop objName="/cal/cal1.jsp" opName="main" type="Ant"/>

  <permop objName="/cal/cal2.jsp" opName="8am" type="Ant"/>
  <permop objName="/cal/cal2.jsp" opName="9am" type="Ant"/>
  <permop objName="/cal/cal2.jsp" opName="10am" type="Ant"/>
  <permop objName="/cal/cal2.jsp" opName="11am" type="Ant"/>
  <permop objName="/cal/cal2.jsp" opName="12pm" type="Ant"/>
  <permop objName="/cal/cal2.jsp" opName="1pm" type="Ant"/>
  <permop objName="/cal/cal2.jsp" opName="2pm" type="Ant"/>
  <permop objName="/cal/cal2.jsp" opName="3pm" type="Ant"/>
  <permop objName="/cal/cal2.jsp" opName="4pm" type="Ant"/>
  <permop objName="/cal/cal2.jsp" opName="5pm" type="Ant"/>
  <permop objName="/cal/cal2.jsp" opName="6pm" type="Ant"/>
  <!-- Disabled: administrative operations on the audit manager. -->
<!--
<permop admin="true" opName="searchBinds" objName="org.apache.directory.fortress.audit.AuditMgrImpl" type="Ant"/>
<permop admin="true" opName="searchAuthZs" objName="org.apache.directory.fortress.audit.AuditMgrImpl" type="Ant"/>
<permop admin="true" opName="getUserAuthZs" objName="org.apache.directory.fortress.audit.AuditMgrImpl" type="Ant"/>
<permop admin="true" opName="searchUserSessions" objName="org.apache.directory.fortress.audit.AuditMgrImpl" type="Ant"/>
<permop admin="true" opName="searchAdminMods" objName="org.apache.directory.fortress.audit.AuditMgrImpl" type="Ant"/>
<permop admin="true" opName="searchInvalidUsers" objName="org.apache.directory.fortress.audit.AuditMgrImpl" type="Ant"/>
-->
</addpermop>
<!-- Grants to role1: "main" on cal1.jsp and every second hour slot on cal2.jsp
     (8am, 10am, 12pm, 2pm, 4pm, 6pm). The slots in between (9am, 11am, 1pm, 3pm,
     5pm) are defined in addpermop but granted to no role here, so they serve as
     the denied cases. role2 receives no grants in this file. -->
<addpermgrant>
  <permgrant roleNm="role1" objName="/cal/cal1.jsp" opName="main"/>

  <permgrant roleNm="role1" objName="/cal/cal2.jsp" opName="8am"/>
  <permgrant roleNm="role1" objName="/cal/cal2.jsp" opName="10am"/>
  <permgrant roleNm="role1" objName="/cal/cal2.jsp" opName="12pm"/>
  <permgrant roleNm="role1" objName="/cal/cal2.jsp" opName="2pm"/>
  <permgrant roleNm="role1" objName="/cal/cal2.jsp" opName="4pm"/>
  <permgrant roleNm="role1" objName="/cal/cal2.jsp" opName="6pm"/>
  <!-- Disabled: grants of the audit-manager operations to the DemoAdminUsers
       admin role. -->
<!--
<permgrant admin="true" objName="org.apache.directory.fortress.audit.AuditMgrImpl" opName="searchBinds" roleNm="DemoAdminUsers"/>
<permgrant admin="true" objName="org.apache.directory.fortress.audit.AuditMgrImpl" opName="searchAuthZs" roleNm="DemoAdminUsers"/>
<permgrant admin="true" objName="org.apache.directory.fortress.audit.AuditMgrImpl" opName="getUserAuthZs" roleNm="DemoAdminUsers"/>
<permgrant admin="true" objName="org.apache.directory.fortress.audit.AuditMgrImpl" opName="searchUserSessions" roleNm="DemoAdminUsers"/>
<permgrant admin="true" objName="org.apache.directory.fortress.audit.AuditMgrImpl" opName="searchAdminMods" roleNm="DemoAdminUsers"/>
<permgrant admin="true" objName="org.apache.directory.fortress.audit.AuditMgrImpl" opName="searchInvalidUsers" roleNm="DemoAdminUsers"/>
-->
</addpermgrant>
<!-- Begin ARBAC Delegated Admin Data: -->
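<!-- Organizational units used for delegated administration. typeName="USER" units
     hold users (the "ou" of each account in adduser); typeName="PERM" units hold
     permission objects (the "ou" of each permobj). The DemoAdminUsers admin role
     lists all four in its osus / osps scope.
     The attribute is spelled "typeName" on every entry: the second and fourth
     entries previously used "typename", which Ant accepts because it matches
     attribute names case-insensitively, but the mixed spelling hid those two
     entries from a case-sensitive search or review of the file. -->
<addorgunit>
  <orgunit name="demousrs1" typeName="USER" description="Test User Org 1 for User on Tomcat Calendar App"/>
  <orgunit name="demousrs2" typeName="USER" description="Test User Org 2 for User on Tomcat Calendar App"/>
  <orgunit name="demoapps1" typeName="PERM" description="Test Perm Org 1 for Permission on Tomcat Calendar App"/>
  <orgunit name="demoapps2" typeName="PERM" description="Test Perm Org 2 for Permission on Tomcat Calendar App"/>
</addorgunit>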
</FortressAdmin>
</target>
</project>